Security Awareness TraningWhat is Vishing?

Vishing is the phone's version of email phishing and uses automated voice messages to steal confidential information. The term is a combination of "voice" and "phishing." 

KnowBe4 allows you to send this type of simulated phone attacks to your users. Vishing is a type of social engineering. These attacks try to trick an employee into giving out confidential information via a phone call.

Vishing attacks use a spoofed caller ID, which can make the attack look like it comes from either a known number or perhaps an 800-number that might cause the employee to pick up the phone. Vishing often uses VoIP technology to make the calls.

Vishing is an extremely useful tool for attackers, because their targets do not have time to think the situation through prior to providing information to the attacker and can easily be confused by alarming claims. Vishing attacks can be focused on all employees, or against employees that mainly deal with people outside the organization. Departments like the help desk, PR, Sales, and HR are good to include in vishing security tests.

KnowBe4 Vishing Security Tests (VST)

KnowBe4's vishing supports both domestic and international numbers, with an easy-to-use interface that is similar to the phishing templates section in the KnowBe4 console.

You have the ability to use text to speech, upload your own custom audio, and create your own vishing templates. Set vishing campaigns to wait for prompts and then wait for users to do something and then that is the point of failure:

  • Make your own custom failure message
  • Point of failure training messages
  • Numbers are geolocated, just like the bad guys are doing it

With over 200 built-in vishing templates across 21 different languages you are able to deliver random and full random vishing, and specify the time period that you want calls to go out. Pick a category of vishing templates and randomly vish your users!  Screenshot here.

Vishing is included in Gold, Platinum, and Diamond subscription levels. 

Having all employees step through security awareness training and sending them simulated phishing and also vishing attacks, is an essential element of your defense-in-depth! Download this page as a PDF Datasheet

Find out how affordable this is for your organization. Click here to get a demo:

Request A Demo

Related Pages: Social Engineering


Get the latest about social engineering

Subscribe to CyberheistNews